Newer
Older
_ _ ____ _
___| | | | _ \| |
/ __| | | | |_) | |
| (__| |_| | _ <| |___
\___|\___/|_| \_\_____|
- Thanks to Mathias Axelsson, I've been able to work on FTPS for libcurl and it
seems to work somewhat fine now.
The FTPS stuff is based on RFC2228 and the murray-auth-ftp-ssl draft
(version 12). There seems to exist quite a few servers that have implemented
the server side of this.
We can now use ftps:// URLs to explicitly switch on SSL/TSL for the control
connection and the data connection (dealing with two SSL connections forced
me to change a lot of stuff in libcurl).
Alternatively, and what seems to be the recommended way, we can set the new
option CURLOPT_FTP_SSL to one of these values:
CURLFTPSSL_NOPE, - do not attempt to use SSL
CURLFTPSSL_TRY - try using SSL, proceed anyway otherwise
CURLFTPSSL_CONTROL - SSL for the control connection or fail
CURLFTPSSL_ALL - SSL for all communication or fail
Any failure to set the desired level will make libcurl fail with the error
code CURLE_FTP_SSL_FAILED. This new option makes a "normal" ftp:// transfer
attempt to be made securely.
I've been able to login and get files (passively) from Mathias' server using
both ftps:// and CURLOPT_FTP_SSL. (I've made 'curl' understand the --ftp-ssl
option that sets CURLFTPSSL_TRY.)
- Gaz Iqbal fixed a range string memory leak.
- Gisle Vanem fixed the Windows builds.
- Added the new FTPSSL defines in curl/curl.h
- Josh Kapell filed bug report #845247 as he found an endless loop when
getting a 407 back from a proxy when no user+password was given.
Daniel (19 November)
- Kevin Roth fixed a progress-bar problem on Windows.
- While working with Nicolas Croiset's bug report #843739, I noticed two minor
problems related to ftp partial downloads: if a partial transfer is
detected, we must close the connection as we cannot know in what state it is
anymore. This looks like a ProFTPD bug:
http://curl.haxx.se/mail/lib-2003-11/0079.html
- Maciej W. Rozycki made the configure script use a cache variable for the
writable argv test. This way, the default can be overridden better (for
cross-compiles etc)
Daniel (15 November)
- Mathias Axelsson found out libcurl sometimes freed the server certificate
twice, leading to crashes!
Daniel (14 November)
- Siddhartha Prakash Jain found a case with a bad resolve that we didn't
properly bail out from, when using ares.
Daniel (13 November)
- Default Content-Type for parts in multipart formposts has changed to
"application/octet-stream". This seems more appropriate, and I believe
mozilla and the likes do this. In the same area: .html files now get
text/html as Content-Type. (Pointed out in bug report #839806)
- Gisle Vanem corrected the --progress-bar output by doing a flush of the
output, which apparently makes it look better on at least windows, but
possibly other platforms too.
- Peter Sylvester identified a problem in the connect code, which made the
multi interface on a ipv6-enabled solaris box do bad. Test case 504 to be
specific. I've spent some time to clean-up the Curl_connecthost() function
now to use less duplicated code for the two different sections: ipv6 and
ipv4.
Daniel (11 November)
- Added CURLOPT_NETRC_FILE. Use this to tell libcurl which file to use instead
of trying to find a .netrc in the current user's home directory. The
existing .netrc file finder is somewhat naive and is far from perfect on
several platforms that aren't unix-style. If this option isn't set when
CURLOPT_NETRC is set, the previous approach will still be used.
The current .netrc check code now also support longer than 256 bytes path
names.
Daniel (10 November)
- Kang-Jin Lee pointed out that the generated ca-bundle.h file shouldn't be
written in the source dir if a different build dir is used.
- After Sébastien Willemijns' bug report, we now check the separators properly
in the 229-reply servers respond on a EPSV command and bail out better if
the reply string is not RFC2428-compliant.
Daniel (7 November)
- Based on Gisle Vanem's patch, I made curl try harder to get the home
directory of the current user, in order to find the default .curlrc file.
We're also considering moving out the HOME-dir code from libcurl, and
instead have the app pass in the path to the .netrc file (which is the only
logic left in libcurl that uses the HOME dir). Then curl can use the home
dir for that purpose too.
- Ralph Mitchell's updated testcurl.sh to the script to take an existing
directory name and build/run/test curl in there instead of trying to update
from CVS. Using this approach, the script can now be used to test daily
tarballs etc.
- Gisle Vanem added a "resource file" to the Windows DLL builds, to contain
information such as version number, library name, copyright info etc.
- curl checks if the existing libcurl supports things like --ntlm, --negotiate
and --krb4 and returns error if not.
- I added three new global defines in the curl/curl.h header:
LIBCURL_VERSION_MAJOR, LIBCURL_VERSION_MINOR and LIBCURL_VERSION_PATCH. They
are the three numbers in the library's version number, separated for easier
usage. 'maketgz' was updated accordingly to generate these numbers properly
when building release-archives.
- Uninitialized variable fix, reported by both Marty Kuhrt and Benjamin
Gerard.
- Matt Veenstra provided build files to build libcurl as a "framework" under
Mac OS X. See the lib/libcurl.framework.make for details.
- Removed the defines of TRUE and FALSE from the curl/curl.h header file.
They're not in our name space so we should not fiddle with them.
Daniel (5 November)
- Replaced the man page to HTML converter program with a new one: roffit.
Makes nicer web pages.
Daniel (4 November)
- Troels Walsted Hansen fixed the MSVC makefiles to let them build curl fine
on Windows.
- Kevin Roth corrected the cygwin package generator and spell-fixed the
comment in the ca-bundle.h file.
- Assume that MDTM on an FTP server returns the timestamp using the UTC time
zone. This changes the time CURLINFO_FILETIME returns for a given file over
FTP, and will change existing uses of CURLOPT_TIMECONDITION. It will make
the functionality more similar to how the HTTP one is already working.
- Command line options that take numerical parameters (such as -y, -Y, -C etc)
now report error and exit if the parameter isn't truly a number greater than
or equal to zero. This helps users to notice bad usage earlier. Before, when
a user forgot or missed to add a numerical parameter to an option, the
command line parser would simply "eat" the following option and it would
cause great confusion.
Daniel (30 October)
- David Hull made libcurl deal with NOBODY and HEADER for file:// the same way
it already does for FTP: it provides HTTP-looking headers that provide info
only about the file, without doing the actual transfer. The curl tool then
lets --head do this.
Daniel (29 October)
- runtests.pl now checks for and use valgrind if present. It will redirect the
valgrind results in log/valgrind[num] but it currently doesn't scan that
file for any errors or anything, that is still only made manually.
- David Hull made the file: URL parser also accept the somewhat sloppy file
syntax: file:/path. I added test case 203 to verify this.
Daniel (28 October)
- Dan C tracked down yet another weird behavior in the glibc gethostbyname_r()
function for some specific versions (reported on 2.2.5 and 2.1.1), and
provided a fix. On Linux machines with these glibc versioins, non-ipv6
builds of libcurl would often fail to resolve perfectly resolvable host
names.
Daniel (26 October)
- James Bursa found out that curl_msnprintf() could write the trailing
zero-byte outside its given buffer size. This could happen if you generated
a very long error message as then libcurl would overwrite the ERRORBUFFER
with one byte. Using a non-existing very long local file:// name is one case
that could make this occur.
- David Hull filed bug report #829827. It identified a problem with -C - if
the full file already was downloaded and thus the server responded with a
416. libcurl would then wrongly use the Content-Length: header and expect
that size to get transfer, causing a "hang" until the server closed the
connection and then an error 18 ("still N bytes data left of the transfer").
Now we don't return any error at all, but I think libcurl should perhaps
return some kind of info since the requested range was out of the size of
the document.
- Based on David Hull's fix in bug report #804599, we now check for solaris and
gcc in configure and set the -mimpure-text link flag for linking the lib
better.
- I've introduced a -t option to the runtests.pl script. With that option set,
the script runs special "memory torture" tests. For each test command line
in that section, the script first runs the command line and counts the total
amount of allocations made. It then runs the exact same command line again,
forcing allocation number N to fail. It will try every N from 1 to the total
number of amounts made. For every invoke, it checks that no memory was
leaked as that would indicate a bad cleanup somewhere in the code.
This is just beginning to work, and I've already made some corrections in
libcurl code. When this code works somewhat fine, I'll make sure 'make test'
in the root dir will run these tests as well.
Daniel (23 October)
- Georg Horn fixed how the CA verification is made. Verifications can now be
made while at the same time the result of it can be ignored. This also
affects the curl tool as -k can now be used together with --cacert or
--capath.
Daniel (22 October)
- Gisle Vanem found out --disable-eprt didn't work and patched it.
- Test case 91 was modified and could now repeat the problem Kevin Roth has
reported, and the bug was fixed.
- Dylan Ellicott added vc-libcurl-ssl-dll as a target to the root makefile
to build a static libcurl that links with a shared OpenSSL using MSVC.
Daniel (21 October)
- Andrés García updated the mingw32 makefiles.
Version 7.10.8-pre5 (21 October 2003)
Daniel (19 October)
- Georg Horn made libcurl output more info on SSL failures when receiving
data.
- Dominick Meglio implemented CURLOPT_MAXFILESIZE and --max-filesize.
- Made libcurl show verbose info about what auth type and user name that is
being sent in its HTTP request-headers.
Daniel (16 October)
- Removed support for CURLOPT_PASSWDFUNCTION and CURLOPT_PASSWDDATA. libcurl
no longer prompt for passwords under any circumstances. Password prompting
was instead moved to curl, which now prompts for password if -u or -U lack
it. This solves the problem Kevin Roth reported when curl prompted for
password twice when doing NTLM authentication.
- I rewrote the SSL subjectAltName check to avoid having to rely on OpenLDAP-
licensed derivate code.
Daniel (15 October)
- Avoid doing getsockopt() on Windows to verify connects. It seems that this
hogs Windows machines when libcurl is being used multi-threaded (with > ~50
threads). Andrew Fuller helped us verify and test this.
Daniel (14 October)
- Kimmo Kinnunen fixed a crash with duphandle() when CURLDEBUG is set.
- Gisle Vanem made libcurl build and work with IPv6 on Windows.
- Giuseppe Attardi reported yet another segfault with ares and the multi
interface. Me fixed.
- Domenico Andreoli removed the extra LDFLAGS assignment in lib/Makefile.am
that was reported about in the debian bug report #212086.
Domenico also fixed two makefiles where we used 'gnroff' instead of the more
portable $(NROFF).
Daniel (12 October)
- Dirk Manske made the share locking around DNS lookups slightly different to
allow the share system's DNS lookups to run somewhat more
independent/faster.
- Lachlan O'Dea fixed a resume problem: "If I set CURLOPT_RESUME_FROM, perform
an HTTP download, then reset CURLOPT_RESUME_FROM to 0, the next download
still has a Range header with a garbage value." bug report #820502
- Dominick Meglio made the inet_pton.c file build fine using MSVC.
- The 'sws' test suite web server now #include setup.h from the lib directory.
This makes it more portable easier.
Daniel Stenberg
committed
Daniel (8 October)
- Frank Ticheler provided a patch that fixes how libcurl connects to multiple
addresses, if one of them fails (ipv4-code).
- Neil Dunbar provided a patch that now makes libcurl check SSL
subjectAltNames when matching certs. This is apparently detailed in RFC2818
as the right thing to do. I had to add configure checks for inet_pton() and
our own (strictly speaking, code from BIND written by Paul Vixie) provided
code for the function for platforms that miss it.
- HTTP POST using the read callback didn't work, as Florian Schoppmann
reported.
Daniel (5 October)
- Shared provided a few fixes to make libcurl build on BeOS
out-of-the-box. New code for BeOS-style non-blocking sockets, provided by
Shard and Jeremy Friesner. Modified the autoconf check for non-blocking
sockets to check for this kind too.
Daniel Stenberg
committed
- Vincent Bronner pointed out that if you set CURLOPT_COOKIE for a transfer
and then set it to NULL in a subsequent one, the previous cookie was still
sent off!
- Jon Turner fixed a problem libcurl had when it failed on an FTP transfer due
to a bad path, it would cause the next transfer to use a bad path as well.
- Siddhartha Prakash Jain provided a patch with a fix for libcurl with ares,
when working on IP-only names as we then could return "wait" status when the
name in fact already was resolved. I edited the patch slightly to not expose
async details to non-ares aware source code.
Daniel (3 October)
- Neil Spring posted the debian bug report #213180, and pointed out that using
the name 'access' in a function prototype is not very wise as some compilers
complain.
- Peter Sylvester provided his and Jean-Paul Merlin's curlx.c example source
code that shows how they use ssl and callbacks.
Daniel (2 October)
Daniel (26 September)
- My daughter was born!
Daniel (23 September)
- Added support for -4/--ipv4 and -6/--ipv6 to force names to resolve to that
particular IP version. They only work for IPv6-enabled libcurls.
- curl -V now outputs 'SPNEGO' as a feature in case libcurl was built to
support that.
Daniel (22 September)
- Giuseppe Attardi found a segfault in libcurl when using the multi interface
with ares and doing repeated operations against a non-resolving host name.
Daniel (19 September)
- Added the CURLOPT_IPRESOLVE option, that allows an application to select
what kind of IP addresses he wants to use when resolving host names. This
is only interesting when using host names that resolve addresses using more
than one version of IP.
- Applied Markus Moeller's patch that introduces SPNEGO support if libcurl
is built with the FBopenssl libraries. curl_version_info() now returns
info on SPNEGO availability. The patch also made the GSSAPI stuff work fine
with the MIT GSS-library (the Heimdal one still works too).
Daniel (16 September)
- Doing PUT with --digest failed, as reported in bug report #805853.
- Using --anyauth that picked NTLM, and then a redirect closed the connection
and took curl to a second NTLM page made curl fail. Bug report #806328
identified the problem, test case 90 was added to verify the fix.
- codemastr brought a patch for ares to make the Windows portions of it work
properly on NT4. I uploaded a new diff and updated the docs on where to get
it etc.
- Jeff Pohlmeyer tracked down a very hard-to-find bug where we removed a
cached DNS entry even though it may be in use, which caused "random" memory
to get overwritten and thus "random" crashes.
Daniel (12 September)
- Based on a bug report by David Kimdon, I made the runtests.pl script clear
all possible proxy environment variables before the tests are run.
Daniel Stenberg
committed
- By default, easy handles within a multi handle now share DNS cache.
- Tim Bartley brought a patch that makes the GSSNEGOTIATE option work for
Microsoft's "Negotiate" authentication as well.
Daniel (11 September)
- A zero-length proxy string confused FTP transfers.
- Bjorn Reese found a case with an uninitialized pointer, only present when
built for ares.
Version 7.10.8-pre1 (8 September 2003)
Daniel (7 September)
- Jurij Smakov found out that the non-OpenSSL MD5 code was not working on
Alpha (or ia64). Only the OpenSSL-version did. I made a fix I think corrects
the problem.
Daniel (5 September)
- Kevin Fisk reported that configure --enable-thread didn't work. I fixed.
- De-macrofied the lib/hash.c source code somewhat.
Daniel (4 September)
- CURLINFO_HTTPAUTH_AVAIL and CURLINFO_PROXYAUTH_AVAIL added, Based on Joerg
Mueller-Tolk's patch,
Early (4 September)
- Added CURLOPT_FTP_RESPONSE_TIMEOUT - allows user to set strict timeout
requirements on the FTP server's ability to respond to individual commands
without placing global requirements on transfer or connect time. Files
affected:
- include/curl/curl.h
Added option CURLOPT_FTP_RESPONSE_TIMEOUT
- lib/ftp.c
Added branch inside Curl_GetFTPResponse to check for
data->set.ftp_response_timeout
- lib/url.c
Modified Curl_setopt to recognize CURLOPT_FTP_RESPONSE_TIMEOUT
- lib/urldata.h
Added ftp_response_timeout to struct UserDefined
Daniel (3 September)
- Peter Pentchev found and fixed two problems in the test suite's web server
code, that made it segfault at times.
- Jörg Mueller-Tolk improved the proxy user+password handling, especially
when providing a blank password.
Daniel (2 September)
- Fix for making CONNECT to proxies do the correct magic to allow NTLM, Digest
and similar to work.
Daniel (1 September)
- Henrik Storner made libcurl work fine with OpenLDAP 2.1.22 (current).
- Jeff Pohlmeyer added a proper error message for non-resolving hosts when
using ares for lookups.
Daniel (25 August)
- John McGowan reported that curl -k still failed if the HTTPS server's CN
field wasn't obtainable. This was due to the CURLOPT_SSL_VERIFYHOST being
set to 1, and libcurl failed if the CN was missing. Starting now, having it
set to 1 will simply output a warning if no CN could be obtained (as having
a mismatch is OK).
Daniel (21 August)
- Vincent Sanders provided a fix for name resolving when linked with uClibc.
Daniel (20 August)
- Gerd v. Egidy provided a patch that makes libcurl store the FTP response
code from ftp servers. Using curl_easy_getinfo() with CURLINFO_HTTP_CODE
returns that data. The option is therefore now also known as
CURLINFO_RESPONSE_CODE.
- Antoine Calando found a segfault when doing multi-part/formpost using
the multi interface.
- Antoine Calando pointed out that curl_multi_info_read() didn't set the
msgs_in_queue to 0 properly when returning NULL.
Daniel (19 August)
- I made curl support multiple -T options, as well as -T "{file1,file2}"
style globbing. One -T for each URL is supported.
- Jeff Pohlmeyer found a segfault when using ares-enabled libcurl and the
multi interface when trying a non-existing host name.
- Made the libcurl printf code support long longs if available.
- Loren Kirkby pointed out that we did not clean up all SSL-allocated memory
in curl_global_cleanup().
Daniel (17 August)
- Setting CURLOPT_WRITEFUNCTION or CURLOPT_READFUNCTION to NULL will now make
them get the internal defaults restored. Previously this could cause a
segfault. We should aim at having all pointer-related options get restored
to default/safe values when set to NULL.
Version 7.10.7 (15 August 2003)
Daniel (14 August)
- I modified the memdebug system to return failure on memory allocation
functions after a set amount of successful ones. This enables us to test
out-of-memory situations in a controlled manner and we can make sure that
curl/libcurl behaves good in those.
This made me find and fix several spots where we did not cleanup properly
when bailing out due to errors (low memory).
- Corrected test case 74. Made using -o with bad #[num] codes complain and
bail out. Made #[num] support numbers larger than 9 as well. Added test
case 86 for a proper range globbing test as well.
Version 7.10.7-pre4 (12 August 2003)
Daniel (12 August)
- curl_version_info() now returns a flag if libcurl was built with asynch DNS
support, and this is now also displayed with 'curl -V'.
- Added a few new man pages to the docs/libcurl dir: curl_share_init,
curl_share_setopt, curl_share_cleanup, libcurl-easy and libcurl-share.
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
Daniel (11 August)
- Mike Cherepov made the local binding code work for Windows, which makes
the option CURLOPT_INTERFACE work on Windows as well.
- Vincent Sanders updated the fopen.c example code a lot.
- --proxy-ntlm is now supported by the curl tool. It forces the proxy
authentication to be made using NTLM. It does not yet work for HTTPS over
proxies (or other proxy-tunneling options). Test case 81 and 82 do some
simple initial ntlm testing.
- Found and fixed a minor memory leak on re-used connections with
proxy-authentication.
- I removed -@ and -Z as valid short options. They were very rarely used (@
wasn't even documented).
- Serge Semashko introduced CURLOPT_PROXYAUTH, and make it work when set to
CURLAUTH_NTLM and/or CURLAUTH_BASIC. The PROXAUTH is similar to HTTPAUTH,
but is for the proxy connection only, and HTTPAUTH is for the remote host.
- Fixed loading of cookies with blank contents from a cookie jar. Also made the
cookie functions inform on added and skipped cookies (for cookie debugging).
Version 7.10.7-pre3 (8 August 2003)
- Applied David Byron's fix for file:// URLs with drive letters included.
- I added the --ftp-create-dirs to the client code, which activates Early's
CURLOPT_FTP_CREATE_MISSING_DIRS option, and wrote test case 147 to verify
it. Added the option to the curl.1 man page too. Added the option to the
curl_easy_setopt.3 man page too.
Daniel (7 August)
- Test case 60 failed on ia64 and AMD Opteron. Fixed now.
- Fixed a printf problem that resulted in urlglobbing bugs (bug #203827 in the
debian bug tracker). Added test case 74 to verify the fix and to discover if
this breaks in the future.
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
Version 7.10.7-pre2 (6 August 2003)
Daniel (5 August)
- Duncan Wilcox helped me verify that the latest incarnation of my ares patch
builds fine on Mac OS X (see the new lib/README.ares) file for all details.
- Salvatore Sorrentino filed bug report #783116 and Early Ehlinger posted a
bug report to the libcurl list, both identifying a problem with FTP
persitent connections and how the dir hiearchy was not properly reset
between files.
- David Byron's thoughts on a fixed Makefile in tests/ were applied.
- Jan Sundin reported a case where curl ignored a cookie that browsers don't,
which turned up to be due to the number of dots in the 'domain'. I've now
made curl follow the the original netscape cookie spec less strict on that
part.
Daniel (4 August)
- Dirk Manske added cookie support for the experimental, hidden and still
undocumented share feature!
- Mark Fletcher provided an excellent bug report that identified a problem
with FOLLOWLOCATION and chunked transfer-encoding, as libcurl would not
properly ignore the body contents of 3XX response that included the
Location: header.
Early (6 August)
- Added option CURLOPT_FTP_CREATE_MISSING_DIRS
This option will force the target file's path to be created if it
does not already exist on the remote system.
Files affected:
- include/curl/curl.h
Added option CURLOPT_FTP_CREATE_MISSING_DIRS
- lib/ftp.c
Added function ftp_mkd, which issues a MKD command
Added function ftp_force_cwd, which attempts a CWD,
and does a MKD and retries the CWD if the original CWD
fails
Modified ftp_perform() to call its change directory function
through a pointer. The pointer points to ftp_cwd by default,
and is modified to point to ftp_force_cwd IFF
data->set.ftp_create_missing_dirs is not 0.
- lib/url.c
Modified Curl_setopt to recognize CURLOPT_FTP_CREATE_MISSING_DIRS
- lib/urldata.h
Added ftp_create_missing_dirs to struct UserDefined
- Minor Bugfix for CURLOPT_TIMECONDITION with FTP - if the file was not
present to do the time comparison, it would fail.
Files affected:
- lib/ftp.c
In ftp_perform(), the call to ftp_getfiletime() used to be followed
by
if (result)
return result;
And then by the code that actually did the time comparison.
The code that did the comparison handled the case where the filetime
was not available (as indicated by info.filetime < 0 or set.timevalue
< 0), so I replaced the if (result) return result with a switch(result)
that allows CURLE_FTP_COULDNT_RETR_FILE to fall through to the
normal time comparison.
Daniel (3 August)
- When proxy authentication is used in a CONNECT request (as used for all SSL
connects and otherwise enforced tunnel-thru-proxy requests), the same
authentication header is also wrongly sent to the remote host.
This is a rather significant info leak. I've fixed it now and mailed a patch
and warning to the mailing lists.
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
Daniel (1 August)
- David Byron provided a patch to make 7.10.6 build correctly with the
compressed hugehelp.c source file.
Version 7.10.7-pre1 (31 July 2003)
Daniel (30 July)
- Jörg Müller-Tolk updated the VC makefile.
- Daniel Noguerol made the ftp code output "Accept-Ranges: bytes" in similar
style like other faked HTTP headers when NOBODY and HEADER are used. I
updated two corresponding test cases too.
- Marty Kuhrt pointed out a compilation problem on VMS due to my having
changed a type from long to time_t, and I'm now changing it back to work
more portably...
He also indicated that distributing the src/hugehelp.c in a compressed state
like I acccidentally did may not be the smartest move... I've now fixed the
distribute procudere to automaticly generate an uncompressed version when I
make release archives.
Daniel (29 July)
- Gisle Vanem brought changes to the mkhelp script for the generation of the
compressed help text on some platforms.
Version 7.10.6 (28 July 2003)
Daniel (28 July)
- François Pons brought a patch that once again made curl deal with ftp and
"double slash" as indicating the root directory. In the RFC1738-fix of April
30, that ability was removed (since it is not the "right" way). So, starting
now we can list the root dir of an ftp server both these ways:
curl ftp://server.com/%2f as well as
curl ftp://server.com//
Daniel (24 July)
- Henry Bland pointed out that we included sys/resource.h without good reason
in several source files. Without it included, QNX builds better...
- Andrés García updated the mingw makefiles.
Daniel (23 July)
- Tracy Boehrer experienced DNS cache problems and did some nice debugging
and tracking which made it easy for me to correct the problem and Tracy
could verify that it did cure the problem! When re-using a connection we
now make sure we don't re-use the 'connect_addr' struct.
- Daniel Kouril corrected the GSS-Negotiate code.
- Juan F. Codagnone provided fixes to allow curl to build fine on Windows
again.
Daniel (22 July)
- Edited the curl/curl.h include file to build on Windows properly.
Daniel (21 July)
- Moved the proxy credentials from the SessionHandle struct to the connectdata
struct, to make multiple proxy connections with differerent user names work.
- Adjusted the NTLM code to support proxy functionality.
- Made the krb4 stuff compile with the user+password fields moved.
Daniel (20 July)
- David Gardner pointed out in bug report 770755 that using the FTP command
CWD with a blank argument is a bad idea and I made libcurl skip empty path
segments starting now.
Daniel (18 July)
- Cris pointed out that my fix on July 16th didn't work fully. His pointing
out this (and his patch) also made me realize that we have a very similar
bug in the FTP connection re-use code. We must store a separate user and
password field for each connection we keep (at least for FTP and HTTP+NTLM
connections, so I made us do this unconditionally).
- Since NTLM authenticates connections instead of single requests, I had to
re-arrange how we store the NTLM data and I had to improve the test suite to
finally work properly with persistancy to make the NTLM tests run fine
again. This also forced me to have to update lots of HTTP test cases.
Daniel (16 July)
- Cris Bailiff's bug report 768275 pointed out that using Basic auth with
wrong user+password caused an endless loop. Fixed now. He also found out that
we didn't properly authenticate connections with NTLM. Fixed too.
- Dan Winship provided fixes for the NTLM code.
Daniel (5 July)
- Doug Kaufman provided additional fixes for the DOS port.
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
Daniel (4 July)
- Rick Richardson pointed out that using setvbuf() to achive non-buffering
on output is no-good for SCO Xenix and other unixes. We switched over to
using plain fflush() instead.
- Dan Grayson pointed out that we set the CURL_CA_BUNDLE variable wrongly in
the configure script, and I had to change some build stuff to make the new
way work.
- Peter Sylvester's patch was applied that introduces the following:
CURLOPT_SSL_CTX_FUNCTION to set a callback that gets called with the
OpenSSL's ssl_ctx pointer passed in and allow a callback to act on it. If
anything but CURLE_OK is returned, that will also be returned by libcurl
all the way back. If this function changes the CURLOPT_URL, libcurl will
detect this and instead go use the new URL.
CURLOPT_SSL_CTX_DATA is a pointer you set to get passed to the callback set
with CURLOPT_SSL_CTX_FUNCTION.
Daniel (1 July)
- David Byron provided a patch that allows a client to quit the test suite's
HTTP server.
- Gisle Vanem found and patched a lib handle leak in the ldap code.
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
Daniel (25 June)
- More NTLM-improvements. Less code. Smaller packets back and forth.
Daniel (23 June)
- Eric Glass provided us with a better doc on NTLM details, and I added more
comments and clarified the current code more. Using the new knowledge, we
should be able to make the NTLM stuff work even better.
Eric's original URL: http://davenport.sourceforge.net/ntlm.html
Version stored and provided at curl site: http://curl.haxx.se/rfc/ntlm.html
- Fixed the minor compile problems pre3 had if built without GSSAPI and/or
SSL.
Version 7.10.6-pre3 (19 June 2003)
Daniel (19 June)
- Made curl use curl_free() on memory returned by curl_getenv(), as this
should theoreticly make it possibly to build and run curl and libcurl with
different memory allocation schemes with no problems.
Daniel (18 June)
- Improved the mkhelp.pl a bit further to make a nicer hugehelp text and to
include a better comment in the top for the gzip compressed version.
Daniel (17 June)
- CURLOPT_HTTPAUTH is now a bitmask, in which you set which authentication
type(s) you want to use. If more than one is set, libcurl will use one of
the selected one and the one it considers is more secure. Test case 67 and
68 (for NTLM) were fixed and we've reduced a round-trip for specific --ntlm
featches, and test case 69 and 70 were added for testing authentication
"picking". --anyauth is the new command line tool option, and I also added
--basic for completeness (that's the default type).
- Fixed the runtests.pl script to use the info provided by the new curl -V
output.
- --enable-debug now sets the CURLDEBUG define instead of MALLOCDEBUG, as it
is meant to be a generic debug conditional.
- curl_version_info() can now return CURL_VERSION_DEBUG as a feature bit, to
indicate that the library was built with CURLDEBUG set.
- Ralph Mitchell found out that some web applications very badly uses white
spaces in Location: redirects, and apparently IE is a browser (the only
one?) that supports this abomination. Based on Ralph's patch, I added code
that now attempts to replace white spaces with the proper "%20" or "+".
Test case 40 and 42 were added to verify my changes.
- curl -V now also outputs a list of features the available library offers (if
any).
- The curl_version() string now includes "GSS" if libcurl is built with GSSAPI
support.
- David Orrell reported that libcurl still crashed when sending HUGE requests
over HTTPS... I fixed.
Version 7.10.6-pre2 (16 June 2003)
Daniel (16 June)
- curl_version_info() now returns bitmasked information weather NTLM and
GSSNEGOTIATE are supported, since it is doomed to vary on different
installatiions.
- I remade the HTTP Digest code to use the MD5-code provided by OpenSSL if
that is present, and only use our own MD5-code if it isn't.
Daniel (13 June)
- More NTLM help, fixes and patches from Cris Bailiff.
- Marty Kuhrt brought include fixes for making VMS builds warning-free.
Daniel (12 June)
- NTLM authentication works somewhat against the test servers provided by
Mathias Axelsson and Cris Bailiff. Use by setting CURLOPT_HTTPAUTH to
CURLAUTH_NTLM to libcurl, or --ntlm for the curl tool. Test case 67 and 68
were added for this. NTLM-support requires OpenSSL.
- Dan Fandrich provided a patch, that granted that gzip and libz are available
at build-time, compresses the hugehelp text in the curl command line and
uncompresses it at request. Saves some ~60K in the final output executable.
Daniel (11 June)
- Long day of fighting the NTLM demons.
- Modified how to set auth type to libcurl. Now use CURLOPT_HTTPAUTH instead,
and pick method. Supported ones currently are:
CURLAUTH_BASIC - default selection
CURLAUTH_DIGEST - formerly CURLOPT_HTTPDIGEST
CURLAUTH_GSSNEGOTIATE
- Daniel Kouril added HTTP GSS-Negotiate authentication support, as defined in
the IETF draft draft-brezak-spnego-http-04.txt. In use already by various
Microsoft web applications. --negotiate is the new family member. To take
advantage of this, you need one of these packages:
o Heimdal Kerberos5 http://www.pdc.kth.se/heimdal/heimdal.html
o GSSAPI from Globus http://www.globus.org/
o GSSAPI libraries from MIT Kerberos5 http://web.mit.edu/kerberos/www/
- A missing ending bracket (']') while doing URL globbing could lead to a
segfault. While fixing this, I also introduced better error reporting in the
globbing code. (All this is application code outside libcurl.)
Daniel (6 June)
- David Orrell found out that sending a huge GET request over HTTPS could
make libcurl fail and return an error code.
- Richard Bramante found out that "Content-Length: 0" was not properly used by
libcurl if the response-headers indicated that the connection would be
closed.
- David Byron's patch was applied, that makes the --progress-bar take the
local size into account when doing resumed downloads.
- Feedback from Serge Semashko made me change the error message returned when
CURLE_HTTP_RETURNED_ERROR is returned.
- Anonymous in bug report #745122 pointed out that we should really be using
SSL_CTX_set_options(... SSL_OP_ALL) to work around flaws in existing SSL
implementations.
Daniel (27 May)
- Andreas Ley and Rich Gray helped me point out that no version of HP-UX has
the sys/select.h header file so including it unconditionally in curl/multi.h
is not a good thing. Now we check for HPUX and avoid using that header on
such systems.
- Rudy Koento experienced problems with curl's recent habit of POSTing data in
two separate send() calls, first the headers and then the data. I've now
made a fix that for static and known content that is less than 100K in size,
everything is now sent in one single system call again. This is also better
for network performance reasons.
- I modified the main makefile to not build the test suite and a few other
unnecessary things by default. Now, the test suite is built when 'make test'
is run. This reduces build time for those who don't care for the test
suite, and it also reduces confusion for people using platforms where the
test suite build fails!
Daniel (26 May)
- Chris Lewis pointed out a flaw in the #ifdefs in curl/multi.h for Windows,
which is now corrected.
- Jis Joy found another flaw in the SOCK5 code, as libcurl treated the socks5
proxy a little too much like as if it was a http proxy.
Daniel (23 May)
- Ricardo Cadime found a socket leak when listing directories without
contents. Test cases 144 and 145 were added to verify the fix.
- Rudy Koento found yet another problem when a HTTP server returns only a
single-line of contents without any headers at all. libcurl then failed to
count the data, thus returning error 52 "no contents". Test case 66 was
added to verify that we now do right.
Version 7.10.6-pre1 (23 May 2003)
Daniel (23 May)
- Jis in bug report #741841, fixed a bug in the SOCKS5 proxy-using code.
Daniel (22 May)
- David Remahl set up a test-server for me providing Digest authentication,
and I wrote the first working code that support it. The test suite was
modified slightly as well to work better for it and --digest was added to
the command line options (and CURLOPT_HTTPDIGEST to the library)... RFC2617
has all the gory details.
- David Balazic pointed out that curl_unescape() didn't check that %-codes
were correctly followed by two hexadecimal digits when it unescape strings.
Now, we do the check and only %XX codes are unescaped if the X letters are
hexadecimals.
- Gisle Vanem made curl build with djgpp on DOS.
- Gisle Vanem improved the mkhelp.pl script to make a nicer manual that is
shown with curl -M.
Daniel (20 May)
- Gisle Vanem provided a fix that makes libcurl more conservative, not
expecting h_aliases of the hostent struct to always be non-NULL.
Daniel (19 May)
- As requested by Martin Michlmayr in Debian bug report #193630, libcurl now
supports user name and password in the proxy environment variables. Added
test case 63 to verify this.
Version 7.10.5 (19 May 2003)
Daniel (15 May)
- Changed the order for the in_addr_t testing, as 'unsigned long' seems to be
a very common type inet_addr() returns.
Daniel (14 May)
- George Comninos provided a fix that calls the progress meter when waiting
for FTP command responses take >1 second. It'll make applications more
"responsive" even when dealing with very slow ftp servers.
Daniel (12 May)
- George Comninos pointed out that libcurl uploads had two quirks:
o when using FTP PORT command, it used blocking sockets!
o it could loop a long time without doing progress meter updates
Both items are fixed now.
Daniel (9 May)
- Dan Fandrich changed CURLOPT_ENCODING to select all supported encodings if
set to "". This frees the application from having to know which encodings
the library supports.
- Dan Fandrich pointed out we had three unnecessary files in CVS that is
generated with libtoolize, so they're now removed and libtoolize is invoked
accordingly in the buildconf script.
- Avery Fay found out that the CURLOPT_INTERFACE way of first checking if the
given name is a network interface gave a real performance penalty on Linux,
so now we more appropriately first check if it is an IP number and if so
we don't check for a network interface with that name.
- CURLOPT_FTP_USE_EPRT added. Set this to FALSE to disable libcurl's attempts
to use EPRT and LPRT before the traditional PORT command. The command line
tool sets this option with '--disable-eprt'.
Version 7.10.5-pre2 (6 May 2003)
Daniel (6 May)
- Kevin Delafield reported another case where we didn't correctly check for
EAGAIN but only EWOULDBLOCK, which caused badness on HPUX.
Daniel (4 May)
- Ben Greear noticed that the check for 'writable argv' exited the configure
script when run for cross-compiling, which wasn't nice. Now it'll default to
no and output a warning about the fact that it was not checked for.
Daniel (2 May)
- Added test case 62 and fixed some more on the cookie sending with a custom
Host: header set.
Daniel (1 May)
- Andy Cedilnik fixed a few compiler warnings.
- Made the "SSL read error: 5" error message more verbose, by adding code that
queries the OpenSSL library to fill in the error buffer.
- Added sys/select.h include in the curl/multi.h file, after having been
reminded about this by Rich Gray.
- I made each test set its own server requirements, thus abandoning the
previous system where the test number implied what server(s) to use for a
specific test.